CVE-2022-34325

DMA transactions which are targeted at input buffers used for the StorageSecurityCommandDxe software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the StorageSecurityCommandDxe driver could cause SMRAM corruption. This issue was discovered by Insyde engineering based on the general description provided by
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-11-14 23:15

Updated : 2024-02-28 19:29


NVD link : CVE-2022-34325

Mitre link : CVE-2022-34325

CVE.ORG link : CVE-2022-34325


JSON object : View

Products Affected

insyde

  • insydeh2o
CWE
CWE-367

Time-of-check Time-of-use (TOCTOU) Race Condition